From 4eddda572df9b66756fab2b32f42a1e76dffd714 Mon Sep 17 00:00:00 2001
From: Daniel Simon <daniel.attila.simon@gmail.com>
Date: Fri, 12 Apr 2024 12:00:40 +0700
Subject: [PATCH] ci: plug leak of Github secret

---
 contracts/utils/deploy-cli.ts                      | 6 +++++-
 contracts/utils/deployment-artifacts-to-app-env.ts | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/contracts/utils/deploy-cli.ts b/contracts/utils/deploy-cli.ts
index a7db6e93..f8818327 100644
--- a/contracts/utils/deploy-cli.ts
+++ b/contracts/utils/deploy-cli.ts
@@ -156,9 +156,13 @@ Deploying Liquity contracts with the following settings:
     `broadcast/DeployLiquity2.s.sol/${options.chainId}/run-latest.json`,
   );
 
+  // XXX hotfix: we were leaking Github secrets in "deployer"
+  // TODO: check if "deployer" is a private key, and calculate its address and use it instead?
+  const { deployer, ...safeOptions } = options;
+
   // write env file
   await fs.writeJson("deployment-context-latest.json", {
-    options,
+    options: safeOptions,
     deployedContracts: Object.fromEntries(deployedContracts),
   });
 
diff --git a/contracts/utils/deployment-artifacts-to-app-env.ts b/contracts/utils/deployment-artifacts-to-app-env.ts
index e57ee709..526f3f0d 100644
--- a/contracts/utils/deployment-artifacts-to-app-env.ts
+++ b/contracts/utils/deployment-artifacts-to-app-env.ts
@@ -17,7 +17,8 @@ const ZAddress = z.string().regex(/^0x[0-9a-fA-F]{40}$/);
 const ZDeploymentContext = z.object({
   options: z.object({
     chainId: z.number(),
-    deployer: z.string(), // can be an address or a private key
+    // XXX hotfix: we were leaking Github secrets in "deployer"
+    // deployer: z.string(), // can be an address or a private key
     help: z.boolean(),
     openDemoTroves: z.boolean(),
     rpcUrl: z.string(),